<?php
require("includes/basic.php");

$vendor=addslashes($_POST['vendor-name']);
$vendor_desc=addslashes($_POST['vendor-desc']);
$creator=$_SESSION['uid'];
$vendor_uname=$_POST['vendor-uname'];
$vendor_pass=md5($_POST['vendor-pass']);



$sql=mysql_query("insert into vendor_master(`vendor`,`vendor_desc`,`user_name`,`password`,`vendor_created_by`,`vendor_created_on`) values ('$vendor','$vendor_desc','$vendor_uname','$vendor_pass','$creator',sysdate())");

$getvid=mysql_query("select * from vendor_master order by vendor_id desc limit 1");
$vidr=mysql_fetch_array($getvid);
echo 
extract($vidr);
$vid=$vidr['vendor_id'];

//$sql1=mysql_query("insert into cust_client (`customer_id`,`client_id`) values ('$customer','$cid')");
if($sql)
	{
		if(isset($_POST['submit']) && $_FILES['uploadedfile']['size'] > 0)
			{
				$fileName = $_FILES['uploadedfile']['name'];
				$tmpName = $_FILES['uploadedfile']['tmp_name'];
				$fileSize = $_FILES['uploadedfile']['size'];
				$fileType = $_FILES['uploadedfile']['type'];
				$fp      = fopen($tmpName, 'r');
				$content = fread($fp, filesize($tmpName));
				$content = addslashes($content);
				fclose($fp);
				if(!get_magic_quotes_gpc())
				{
					$fileName = addslashes($fileName);
				}
				
				$query = "INSERT INTO vendor_logo(vendor_id, name, type, size, content,uploaded_on) VALUES ('$vid','$fileName','$fileType','$fileSize','$content',sysdate())";				
				mysql_query($query) or die('Error, query failed'); 				
			}
	}
	
if($sql)
{
 header("location:view-vendors.php");
}


?>